function check_key_validity($key)
{
#this function temporarily opens db, which SHOULD NOT LEAVE THIS FUNCTION!
#it is only used to authenticate the key
$db = CreateObject('s3dbapi.db');
$db->Halt_On_Error = 'no';
$db->Host = $GLOBALS['s3db_info']['server']['db']['db_host'];
$db->Type = $GLOBALS['s3db_info']['server']['db']['db_type'];
$db->Database = $GLOBALS['s3db_info']['server']['db']['db_name'];
$db->User = $GLOBALS['s3db_info']['server']['db']['db_user'];
$db->Password = $GLOBALS['s3db_info']['server']['db']['db_pass'];
$db->connect();
$sql = "select * from s3db_access_keys where key_id='" . $key . "' and expires>='" . date('Y-m-d H:i:s') . "'";
#echo $sql;
$db->query($sql, __LINE__, __FILE__);
if ($db->next_record()) {
$account_id = $db->f('account_id');
#find the account_uname
$sql = "select account_lid from s3db_account where account_id = '" . $account_id . "'";
$db->query($sql, __LINE__, __FILE__);
if ($db->next_record()) {
$username = $db->f('account_lid');
}
$sql = "insert into s3db_access_log (login_timestamp, session_id, login_id, ip) values(now(), 'key:" . $key . "','" . $username . "','" . $_SERVER['REMOTE_ADDR'] . "')";
$db->query($sql, __LINE__, __FILE__);
delete_expired_keys($date, $db);
return True;
} else {
return False;
}
}
function authenticate_remote_user($key, $url)
{
#URL contains info on user in the last part of the path. (for example: URL=https://ibl.mdanderson.org/s3db/U4)
#$user_id_info = uid($url);
$user_id_info = uid_resolve($url);
if (ereg_replace('^D', '', $user_id_info['Did']) == ereg_replace('^D', '', $GLOBALS['s3db_info']['deployment']['Did'])) {
#same uri as local, authentication failed
return 1;
exit;
}
$db = CreateObject('s3dbapi.db');
$db->Halt_On_Error = 'no';
$db->Host = $GLOBALS['s3db_info']['server']['db']['db_host'];
$db->Type = $GLOBALS['s3db_info']['server']['db']['db_type'];
$db->Database = $GLOBALS['s3db_info']['server']['db']['db_name'];
$db->User = $GLOBALS['s3db_info']['server']['db']['db_user'];
$db->Password = $GLOBALS['s3db_info']['server']['db']['db_pass'];
$db->connect();
#Find URL
list($did_url) = DidURL($user_id_info, $db);
if (!$did_url) {
return 4;
exit;
}
#Validate User in remote;
##This is done by calling the apifunction keyCheck, which requires a key and a user_id;
$call1 = $did_url . 'keyCheck.php?key=' . $key . '&user_id=' . $user_id_info['uid'] . '&format=php';
$tmpKC = @fopen($call1, 'r');
if (!$tmpKC) {
return 4;
exit;
}
$keyValidated = stream_get_contents($tmpKC);
$keyValidated = unserialize($keyValidated);
$keyValidated = $keyValidated[0];
if ($keyValidated['error_code'] == 0) {
#User was validated with uid associated with remote deployment; These users cannot write anything is this deployment and their permissions are limited to the resources they were granted permission on. A filter is implemented that can be changed by the creator (Remote)
insert_access_log(array('user_id' => $user_id_info['condensed'], 'db' => $db));
##Temporarily copy the key for this user
$I = array('key_id' => $key, 'account_id' => $user_id_info['condensed'], 'expires' => date('Y-m-d H:i:s', time() + 1 * 60 * 60), 'notes' => 'Key for remote user created automatically by the API. Expires in 1 hour.');
add_entry('access_keys', $I, $db);
delete_expired_keys($date, $db);
return 0;
exit;
} else {
return 1;
exit;
}
}
